JS code at the network edge. Oh, you're still here and not running, screaming? Read on

Cloudflare Workers offered to customize content

Chairman Mao exhorting chinese workers to do their utmost for the nation

Bit caching biz Cloudflare on Friday teased website publishers with the prospect of being able to run JavaScript at the edge of its content delivery network, a capability that promises performance, security, and reliability improvements.

The outfit puts copies of customers' websites and content at various locations around the globe to enable speedy delivery and provides an efficient path to customer servers. It also does other things, like protect against malicious web traffic.

Making its edge points programmable would be appealing to customers, because it would allow them to run code designed to address local issues that aren't necessarily relevant elsewhere.

One way to do this, explained Cloudflare tech lead Kenton Varda, would be to run virtual machines or containers for every customer endpoint, but that would be expensive and complicated.

Instead, Varda has developed a scheme to run JavaScript using the Service Worker API, which runs code as a background processes.

"Service Workers were designed to run in browsers, but it turns out that the Service Worker API is a perfect fit for what we wanted to support on the edge," he explained in a blog post.

On Friday, Cloudflare began accepting signups for those interested in beta testing Cloudflare Service Workers, server-side JavaScript code executed using the V8 JavaScript engine developed for Google Chrome.

These Service Workers intercept incoming HTTP requests sent to a customer's domain and can return an HTTP response or make outbound HTTP requests to any other public internet address.

They allow site publishers to do things like put HTML templates at the edge of Cloudflare's CDN and only fetch dynamic content from company servers, or craft custom security rules, or implement customized load balancing and failover logic.

Varda says Cloudflare considered other possibilities such as Lua, virtual machines, containers, and Vx32 sandboxing. But JavaScript and V8 won out because the V8 engine's code is heavily scrutinized by Google for security, JavaScript is ubiquitous and V8's support for WebAssembly means other languages can be supported.

Node.js, a JavaScript runtime that relies on V8, was also considered but using it would mean losing V8's sandboxing.

The Cloudflare Workers Playground, which sounds like socialist vacation spot, turns out to be a place where the curious can try out some code. Interested parties may wish to petition for beta access. ®

Sponsored: The Joy and Pain of Buying IT - Have Your Say


Biting the hand that feeds IT © 1998–2017